US2025310338A1PendingUtilityA1

Bridging between source applications and authorization systems

67
Assignee: APPOMNI INCPriority: Mar 27, 2024Filed: Jun 10, 2025Published: Oct 2, 2025
Est. expiryMar 27, 2044(~17.7 yrs left)· nominal 20-yr term from priority
H04L 63/20H04L 63/102
67
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Bridging between source applications and authorization systems is disclosed, including: monitoring an update across a set of source application servers; translating the update into a synthetic message using source application information associated with the set of source application servers and an attribute associated with a target authorization system; and sending the synthetic message to the target authorization system, wherein the target authorization system is configured to instruct an authorization action to be performed at one or more of the set of source application servers.

Claims

exact text as granted — not AI-modified
1 . A system, comprising:
 a database configured to store source application information associated with a set of source application servers; and   one or more processors configured to:
 monitor a set of updates across the set of source application servers; 
 package the set of updates into a synthetic message using the source application information and an attribute associated with a target authorization system; 
 send the synthetic message to the target authorization system, wherein the target authorization system is configured to instruct an authorization action to be performed at one or more of the set of source application servers; and 
 perform an implementation at the one or more of the set of source application servers based at least in part on the authorization action. 
   
     
     
         2 . The system of  claim 1 , wherein to monitor the set of updates across the set of source application servers comprises to monitor logs or events of the set of source application servers. 
     
     
         3 . The system of  claim 1 , wherein the set of updates comprises one or more of the following: an entity gaining an access, the entity performing an action in a source application, the entity connecting to another system, the entity changing an Internet Protocol (IP) address, the entity changing a location, the entity elevating a permission, the entity using administrative or elevated permissions, and the entity performing an operation on data. 
     
     
         4 . The system of  claim 3 , wherein the entity refers to one of the following: a user, an integration, and an automated process. 
     
     
         5 . The system of  claim 1 , wherein to monitor the set of updates across the set of source application servers comprises to receive messages from the set of source application servers. 
     
     
         6 . The system of  claim 5 , wherein to package the set of updates into the synthetic message comprises to:
 determine a source application-specific user identifier (ID) of a user identified in the set of updates;   determine a global user ID corresponding to the source application-specific user ID; and   add the global user ID into the synthetic message that is generated from the set of updates.   
     
     
         7 . The system of  claim 5 , wherein to package the set of updates into the synthetic message comprises to:
 determine a format of data that is to be ingested by the target authorization system; and   based on the format of the data that is to be ingested by the target authorization system, add a new field to the synthetic message.   
     
     
         8 . The system of  claim 5 , wherein to package the set of updates into the synthetic message comprises to:
 score the received messages;   filter the received messages based on their respective scores; and   generate the synthetic message based on received messages that are not filtered out based on their respective scores.   
     
     
         9 . The system of  claim 5 , wherein to package the set of updates into the synthetic message comprises to enable efficient transmission of the synthetic message by one or more of the following: compression, bulk packaging, message grouping, and pruning with respect to the received messages. 
     
     
         10 . The system of  claim 5 , wherein to package the set of updates into the synthetic message comprises to:
 obtain a data classification associated with a source application server from which at least a subset of the set of updates was monitored; and   add the data classification to the synthetic message.   
     
     
         11 . The system of  claim 1 , wherein to monitor the set of updates across the set of source application servers comprises to receive telemetric updates from the set of source application servers. 
     
     
         12 . The system of  claim 1 , wherein to package the set of updates into the synthetic message comprises to:
 determine that a change included in the update had originated from a first source application server; and   masquerade a content of the synthetic message to emulate that the change included in the update had originated from a second source application server, wherein the second source application server is different from the first source application server.   
     
     
         13 . The system of  claim 1 , wherein to package the set of updates into the synthetic message comprises to combine the set of updates into a single synthetic message that conforms to a format or protocol that is recognized by the target authorization system. 
     
     
         14 . The system of  claim 13 , wherein the set of updates comprises updates monitored across at least two different source application servers. 
     
     
         15 . The system of  claim 1 , wherein the one or more processors are further configured to receive, from the target authorization system, an instruction describing the authorization action. 
     
     
         16 . The system of  claim 15 , wherein the one or more processors are further configured to determine whether the authorization action is able to be performed natively at the one or more of the set of source application servers relative to the instruction. 
     
     
         17 . The system of  claim 16 , wherein in the event that the authorization action is able to be performed natively at the one or more of the set of source application servers, the one or more processors are configured to make one or more application programming interface (API) calls to the one or more of the set of source application servers to implement the authorization action. 
     
     
         18 . The system of  claim 16 , wherein in the event that the authorization action is not able to be performed natively at the one or more of the set of source application servers, the one or more processors are configured to perform an action at the one or more of the set of source application servers that approximates an effect of the authorization action that is instructed by the target authorization system. 
     
     
         19 . A method, comprising:
 monitoring a set of updates across a set of source application servers;   packaging the set of updates into a synthetic message using source application information and an attribute associated with a target authorization system;   sending the synthetic message to the target authorization system, wherein the target authorization system is configured to instruct an authorization action to be performed at one or more of the set of source application servers; and   performing an implementation at the one or more of the set of source application servers based at least in part on the authorization action.   
     
     
         20 . The method of  claim 19 , wherein packaging the set of updates into the synthetic message comprises combining the set of updates into a single synthetic message that conforms to a format or protocol that is recognized by the target authorization system.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.